The mail plugins global configuration allows the use of a password that does not confirm to FIPS requirements (< 14 characters).

If a password is used it needs to be enforced to be at least 14 characters when in FIPS mode.

Note: the current validation in the plugin provides feedback when editing the global configuration but allows persisting invalid configuration. The use of this configuration is blocked when email is attempted to be sent.